Closed ag-michael closed 2 years ago
For example, this is breaking attack scripts such as https://github.com/mitre-attack/attack-scripts/blob/b94e05c0a29a6fdfc9701c721fcf03cdf9f7945b/scripts/techniques_from_data_source.py
python3 techniques_from_data_source.py
All data sources in Enterprise ATT&CK:
Traceback (most recent call last):
File "/usr/local/lib/python3.9/site-packages/taxii2client/common.py", line 125, in _to_json
return resp.json()
File "/usr/local/lib/python3.9/site-packages/requests/models.py", line 900, in json
return complexjson.loads(self.text, **kwargs)
File "/usr/local/lib/python3.9/site-packages/simplejson/__init__.py", line 525, in loads
return _default_decoder.decode(s)
File "/usr/local/lib/python3.9/site-packages/simplejson/decoder.py", line 370, in decode
obj, end = self.raw_decode(s)
File "/usr/local/lib/python3.9/site-packages/simplejson/decoder.py", line 400, in raw_decode
return self.scan_once(s, idx=_w(s, idx).end())
simplejson.errors.JSONDecodeError: Unterminated string starting at: line 1 column 64468 (char 64467)
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "/Users/mgetachew/attack-scripts/scripts/techniques_from_data_source.py", line 51, in <module>
print("\n".join(data_sources()))
File "/Users/mgetachew/attack-scripts/scripts/techniques_from_data_source.py", line 16, in data_sources
techniques = tc_src.query([Filter("type", "=", "attack-pattern")])
File "/usr/local/lib/python3.9/site-packages/stix2/datastore/taxii.py", line 290, in query
all_data = self.collection.get_objects(**taxii_filters_dict).get('objects', [])
File "/usr/local/lib/python3.9/site-packages/taxii2client/v20/__init__.py", line 419, in get_objects
response = self._conn.get(self.objects_url, headers=headers, params=query_params)
File "/usr/local/lib/python3.9/site-packages/taxii2client/common.py", line 325, in get
return _to_json(resp)
File "/usr/local/lib/python3.9/site-packages/taxii2client/common.py", line 128, in _to_json
six.raise_from(InvalidJSONError(
File "<string>", line 3, in raise_from
taxii2client.exceptions.InvalidJSONError: Invalid JSON was received from https://cti-taxii.mitre.org/stix/collections/95ecc380-afe9-11e4-9b6c-751b66dd541e/objects/?match%5Btype%5D=attack-pattern
This has been resolved.
I've been using your STIX collections at https://cti-taxii.mitre.org/stix/collections/95ecc380-afe9-11e4-9b6c-751b66dd541e/objects/ , which has been working great until today. If you run this:
curl 'https://cti-taxii.mitre.org/stix/collections/95ecc380-afe9-11e4-9b6c-751b66dd541e/objects/?match\[type\]=attack-pattern' -H 'Accept: application/vnd.oasis.stix+json; version=2.0'
You will see the data being cut off mid-way, causing a JSON parsing error on clients.